Systems and methods for managing directory harvest attacks via electronic messages
First Claim
1. A method of managing the transmission of electronic messages from sending mail servers to destination mail servers, the method comprising:
- receiving, at a computer-server-implemented message management system located on a first network and interposed between the sending and destination mail servers, a plurality of delivery attempts of electronic messages from a sending mail server to a destination mail server before the plurality of delivery attempts are received at a second network having the destination mail server, wherein the second network is different from the first network;
detecting a number of the plurality of delivery attempts unsuccessfully made to invalid destination addresses associated with the destination mail server; and
refusing an SMTP connection attempt from the sending mail server using the message management system and based at least in part on the detected number of delivery attempts unsuccessfully made to the invalid destination addresses.
4 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides an electronic message management system (EMS) that includes a real-time feedback loop where data is collected from the electronic messages on incoming connection attempts, outgoing delivery attempts, and message content analysis, and written to a centralized data matrix. A separate process accesses the data matrix and analyzes trends in that data. The detected data patterns, trends or behavior is based on configuration parameters for the recipient. Based on these determinations, the process is able to instruct components in the EMS to accept, redirect, refuse, modify, defer, or otherwise dispose of the connection request, the delivery attempt, or the message. Associated methods for managing the transmission of electronic messages are also disclosed.
92 Citations
34 Claims
-
1. A method of managing the transmission of electronic messages from sending mail servers to destination mail servers, the method comprising:
-
receiving, at a computer-server-implemented message management system located on a first network and interposed between the sending and destination mail servers, a plurality of delivery attempts of electronic messages from a sending mail server to a destination mail server before the plurality of delivery attempts are received at a second network having the destination mail server, wherein the second network is different from the first network; detecting a number of the plurality of delivery attempts unsuccessfully made to invalid destination addresses associated with the destination mail server; and refusing an SMTP connection attempt from the sending mail server using the message management system and based at least in part on the detected number of delivery attempts unsuccessfully made to the invalid destination addresses. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 29, 30, 31)
-
-
16. An electronic message management system for use in managing the transmission of electronic messages from sending mail servers to destination mail servers, the system comprising:
-
a computer-server-implemented message management system comprising a computer-processor implemented intermediate service located on a first network configured to intercept at least one of the electronic messages between a sending mail server and a destination mail server before the at least one of the electronic messages are received at a second network having the destination mail server, wherein the second network is different from the first network; and a connection management module associated with the computer-processor implemented intermediate service, the connection management module configured to; detect a number of the plurality of delivery attempts unsuccessfully made to invalid destination addresses associated with the destination mail server, and refuse an SMTP connection attempt from the sending mail server using the computer-server-implemented message management system and based at least in part on the detected number of delivery attempts unsuccessfully made to the invalid destination addresses. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 32, 33, 34)
-
Specification